PS 172 Protective Monitoring Policy
|
|
- Luke Watson
- 8 years ago
- Views:
Transcription
1 PS 172 Protective Monitoring Policy January 2014 Version 2.0 Statement of legislative compliance This document has been drafted to comply with the general and specific duties in the Equality Act 2010; Data Protection Act; Freedom of Information Act; European Convention of Human Rights; Employment Act 2002; Employment Relations Act 1999, and other legislation relevant to policing. PS 172 Protective Monitoring Policy Page 1 of 10
2 Table of Contents Aims and Objectives of the Policy...3 Policy Statement...4 Definitions...4 Ownership...4 Administration...5 Access...5 Distribution...5 Security...6 Policy Publication / System Warnings...6 Data Protection...6 Oversight...7 Related Documents and Appendices...8 DOCUMENTS...8 REFERENCES...8 APPENDIX 1 PC Login Screen Wording...9 New wording for login screen DECEMBER 2013 V Administration...10 Version Control...10 Monitoring and Review...10 Registered Owner...10 PS 172 Protective Monitoring Policy Page 2 of 10
3 Aims and Objectives of the Policy Nottinghamshire Police, by virtue of Section 6, Human Rights Act 1998, is a public authority and is required to act in a manner that is compatible with the rights outlined in the Convention. The Regulation of Investigatory Powers Act 2000 (RIPA) enables the Secretary of State to make regulations setting out those circumstances where it is lawful to intercept or monitor communications for the purposes of carrying on a business. These regulations apply equally to public authorities. Various legislation and codes of practice including the Data Protection Act 1998, ISO 27001/2 Information Security Management Systems and ACPO Community Security Policy impose a positive duty on the Force to protect its information assets and provide the assurances that appropriate controls are in place. The monitoring of staff activity is an established concept which includes the routine supervision of performance and staff behaviour. RIPA extends the principle of supervision to the use by staff of communications equipment provided by the organisation for business purposes. The policy applies to Nottinghamshire Police Officers, Police Staff, Partners, agents and approved persons working for or with the Police Protective Monitoring is a lawful and ethical tool used to assist the Force in the protection of its staff, information and to assist in the investigation of misconduct or criminal activity. The audit system will monitor and record all computer based actions conducted using any Nottinghamshire Police computer equipment. This policy defines the monitoring and auditing of staff activity as a means of ensuring all staff comply with Force policy and procedures and with the standards of behaviour expected by Nottinghamshire Police. This policy does not over-ride any existing policies or negate any existing guidance regarding information security, data protection or acceptable use. It is intended that it will supplement such policies but with a specific focus on the protective monitoring of the force computer network and access to the data held within or transported by it. Main aims and objectives are: To ensure the data integrity of the information held by Nottinghamshire Police and enhance operational security of criminal investigations. This will be achieved by way of a single force-wide network based facility that will audit computer and peripheral device usage independent of any specific application. The system will ensure that Nottinghamshire Police complies with the ACPO Community Security Policy (CSP) requirement to carry out Protective Monitoring. To identify misuse, monitor exceptional usage and support intelligence led investigations. All users of Nottinghamshire Police LAN accounts must note that the monitoring system will include any personal use staff make of Force equipment, PS 172 Protective Monitoring Policy Page 3 of 10
4 even if undertaken in their own time and with Management agreement. Standard use of all Nottinghamshire Police systems and information is identified to all users as for Business Use Only. To provide a forensic capability to the auditing process to ensure its evidential credibility. To protect the Force by providing the Counter-Corruption Unit (CCU) with the means by which they can effectively seek out those who abuse their position within the force for personal gain or benefit of others. To instil within the communities of Nottinghamshire the confidence that those employed by Nottinghamshire Police maintain the highest levels of honesty and integrity by enforcing the relevant Codes of Conduct in relation to unethical behaviour or gross misconduct. To protect the information and intelligence assets of the Force from malicious or accidental disclosure. Policy Statement Definitions Protective Monitoring The term given to an auditing capability that is network based as opposed to being application specific. Application Refers to the software installed on force computers/servers, virtual or otherwise, that will facilitate the logging of actions conducted by the user logged on to a specific terminal or access point. Console The administrative and querying interface of the application used to interrogate and manage the system. Intercept The live monitoring of communications which may involve recording of any activity witnessed. Monitor The review of historic data recorded and stored within the auditing database. Communications Equipment Any equipment that facilitates the creation, transmission or receipt of data provided by the Force and intended for the business use of Nottinghamshire Police. Ownership The owner of the Protective Monitoring system is the Head of Professional Standards and is ultimately responsibly for the use of the software application, the information it generates and the maintenance of the Protective Monitoring Policy. PS 172 Protective Monitoring Policy Page 4 of 10
5 It is the responsibility of the system owner to ensure that any revisions, amendments or alterations to this policy are referred through the corporate decision making process for agreement. The policy will be subject to annual review by the system owner and be assessed for both privacy and equality impact. The Protective Monitoring Policy is inextricably linked with the Information Security and Acceptable Use Policies and before any changes are made consultation with the respective policy owners will be undertaken where appropriate. Administration The Protective Monitoring data will be stored and controlled by Professional Standards. The system will be administered by nominated MV/SC vetted CCU staff. Routine reviews of the audit data will be conducted to ensure compliance with relevant legislation. Access Data stored within the Protective Monitoring system will only be accessible to suitably trained members of CCU; access to pre-defined Management Information reports will be available to other Professional Standards staff members as appropriate. Requests for quantitative/system data must be submitted to the DCI - CCU and each case will be considered on its own merits. Such requests must be made with the authorisation of an officer of the rank of Chief Inspector or above or police staff equivalent. No personal data will be disseminated outside the department without the explicit instructions of the Department head. Distribution All Nottinghamshire Police computers will have the software installed apart from identified and known exceptions. All new computers introduced to the force network will be prompted to have the software installed. Mobile terminals and laptop computers will upload the audit logs automatically on connection to the force network. PS 172 Protective Monitoring Policy Page 5 of 10
6 Security The Protective Monitoring data is encrypted at rest on the local machine and during transmission over the force network. Data stored within the database is afforded the physical and protective security measures required for RESTRICTED material. Passwords entered by force network users are masked from view. Retrieval of this data is only possible by the software provider who will only conduct the conversion with the authority of a police officer of the rank of Superintendent or above. All system users and administrators are audited including those with access to the software terminal console. Policy Publication / System Warnings A suitably worded logon script will be shown at the point each individual user logs onto a force computer. The text will explain in plain language that access to the force network is for authorised users only and is monitored. Users will be advised that they should have no expectation of privacy if they choose to use the Force computers for personal use. They will also be reminded that personal use must be only be conducted following recorded agreement with Line Management. All staff will be advised to read the Protective Monitoring Policy which will be made available on the force Intranet. Attempts to disable/prevent installation or otherwise deliberately interfere with the functionality of the software will be considered a misconduct matter and investigated appropriately. Interference with the system may also constitute an offence under the Computer Misuse Act 1990 and would be treated as a criminal matter. Information generated by the Protective Monitoring system may be used as grounds for further enquiries and form the basis for further investigation. The results of audit log interrogation may be used as evidence in misconduct and criminal proceedings. Data Protection The Data Protection Act 1998 provides for the regulation of the processing of information relating to individuals, including the obtaining, holding, use and disclosure of such information. Any information relating to an individual or their actions generated by the audit system will be subject to relevant legislation and protected accordingly. PS 172 Protective Monitoring Policy Page 6 of 10
7 It is the responsibility of the system owner to ensure that all aspects of the Data Protection Act are complied with. The requirements for data review, retention and disposal will be applied in accordance with the provisions of the Data Protection Act 1998 and the Management of Police Information (MoPI) Codes of Practice Oversight As part of the implementation process of the Protective Monitoring Policy within Nottinghamshire Police, consultation has been undertaken with the Staff Associations. The facility will be made to allow the system, processes and users to be independently audited/verified by the Information Security Manager. PS 172 Protective Monitoring Policy Page 7 of 10
8 Related Documents and Appendices Documents Nottinghamshire Police - Information Security Policy Nottinghamshire Police Internet and Use ACPO - Community Security Policy (CSP) CESG Good Practice Guide 13 (Protective Monitoring) (RESTRICTED) Statutory Instruments 2000 No The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 Management of Police Information (MoPI) Codes of Practice 2010 Information Security Management Systems (ISO 27001) References Police Act 1996 Data Protection Act 1998 Computer Misuse Act 1990 Police (Conduct) Regulations 2012 Public Interest Disclosure Act 1998 Freedom of Information Act 2000 (Law Enforcement) Police (Complaints and Misconduct) Regulations 2012 Police unsatisfactory performance, complaints and misconduct procedures 2012 Regulation of Investigatory Powers Act 2000 Human Rights Act 1998 PS 172 Protective Monitoring Policy Page 8 of 10
9 APPENDIX 1 PC Login Screen Wording New wording for login screen December 2013 V3.0 Access to the Nottinghamshire Police IT Network is for BUSINESS USE ONLY. You may not use the Force s IT facilities for personal purposes other than where this has been prior authorised in writing by Management and the reason is recorded. You MUST NOT share your log on details with another individual or allow them to use your system access in your absence. Access to the Nottinghamshire Police IT Network is for AUTHORISED USERS ONLY and is monitored. Consequently, there can be no expectation of privacy if you choose to use the Force s equipment for non-authorised personal use. National, Regional and Local Force systems that contain police information may only be used for POLICING PURPOSES as defined in the Management of Police Information (MOPI) Guidance as: Prevention and detection of crime Apprehension and prosecution of offenders Protection of life and property Maintenance of law and order Assisting the public in accordance with Force policies and procedures Any DISCLOSURE of PERSONAL information from Force IT systems to individuals or organisations MUST COMPLY with the DATA PROTECTION ACT 1998 and MUST BE RECORDED. DISCLOSURES of Force data MUST comply with Force Policy and Procedures. INDIVIDUALS can be LIABLE under CIVIL and CRIMINAL LAW and may face PROSECUTION and/or DISCIPLINARY ACTION where systems are ACCESSED and information VIEWED outside of the Business and Policing Purposes or where information is USED OR DISCLOSED without PROPER AUTHORITY. You must NOT search policing systems in relation to yourself, your relatives or your friends & neighbours or the area where you live, even if you believe that there is a legitimate Policing purpose for this. Where a perceived need arises in these circumstances, you must discuss this with your line manager or the Information Security Manager. By clicking ok you are accepting and agreeing to adhere to the standards above. PS 172 Protective Monitoring Policy Page 9 of 10
10 Administration Version Control Section changed Details of change 2.0 Updated policy Monitoring and Review Measure Date/period and process of review Registered Owner Owner Head of Professional Standards Author Information Security Manager PS 172 Protective Monitoring Policy Page 10 of 10
Online Research and Investigation
Online Research and Investigation This document is intended to provide guidance to police officers or staff engaged in research and investigation across the internet. This guidance is not a source of law
More informationUniversity of Birmingham. Closed Circuit Television (CCTV) Code of Practice
University of Birmingham Closed Circuit Television (CCTV) Code of Practice University of Birmingham uses closed circuit television (CCTV) images to provide a safe and secure environment for students, staff
More informationNOT PROTECTIVELY MARKED. Setting up an Information Sharing Agreement
PD 056 Type of Document: Setting up an Information Sharing Agreement PROCEDURE Version: 1.3 Registered Owner: Author: Director of Information Force Information Effective Date: 12 th June 2008 Review Date:
More informationCODE OF PRACTICE ON THE MANAGEMENT OF POLICE INFORMATION
CODE OF PRACTICE ON THE MANAGEMENT OF POLICE INFORMATION Made by the Secretary of State for the Home Department under sections 39 and 39A of the Police Act 1996 and sections 28, 28A, 73 and 73A of the
More informationUniversity of Liverpool
University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October
More informationGUIDEILINE FOR MONITORING STAFF COMPUTER USE
GUIDEILINE FOR MONITORING STAFF COMPUTER USE TRUST REF: B41/2007 APPROVED BY: Policy and Guideline Committee VERSION NUMBER: 1 DATE OF APPROVAL: 12 th November 2007 AUTHOR: DIRECTORATE: REVIEW DATE: Gareth
More informationSTFC Monitoring and Interception policy for Information & Communications Technology Systems and Services
STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services Issue 1.0 (Effective 27 June 2012) This document contains a copy of the STFC policy statements outlining
More informationRegulation of Investigatory Powers Act 2000
Regulation of Investigatory Powers Act 2000 Consultation: Equipment Interference and Interception of Communications Codes of Practice 6 February 2015 Ministerial Foreword The abilities to read or listen
More informationIT SECURITY POLICY (ISMS 01)
IT SECURITY POLICY (ISMS 01) NWAS IM&T Security Policy Page: Page 1 of 14 Date of Approval: 12.01.2015 Status: Final Date of Review Recommended by Approved by Information Governance Management Group Trust
More informationInformation Governance Framework. June 2015
Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review
More informationRIPA (Regulations and Investigatory Powers Act)
Dartmoor National Park Authority INTERNET MONITORING POLICY & INVESTIGATION PROTOCOL Approved: February 2010 Review Date: September 2010 1. Introduction Private use of the computer facilities is covered
More informationThe lawful monitoring and recording of communications conveyed on the Thames Valley Police telecommunications systems.
Title Lawful Business Practice (Interception of Communications) Regulations CCMT Sponsor Deputy Chief Constable Department/Area Professional Standards Section/Sector Headquarters 1.0 Rationale This policy
More informationInformation Security and Electronic Communications Acceptable Use Policy (AUP)
Policy No.: AUP v2.0 Effective Date: August 16, 2004 Revision Date: January 17, 2013 Revision No.: 1 Approval jwv / mkb Information Security and Electronic Communications (AUP) 1. INTRODUCTION Southwestern
More informationConditions of Use. Communications and IT Facilities
Conditions of Use of Communications and IT Facilities For the purposes of these conditions of use, the IT Facilities are [any of the University s IT facilities, including email, the internet and other
More informationPolicy on Public and School Bus Closed Circuit Television Systems (CCTV)
DEPARTMENT OF TRANSPORT Policy on Public and School Bus Closed Circuit Television Systems (CCTV) Responsibility of: Public Transport Division TRIM File: DDPI2010/3680 Effective Date: July 2010 Version
More informationTONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE
GENERAL STATEMENT TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE 1.1 The Council recognises the increasing importance of the Internet and email, offering opportunities for improving
More informationU 16 Internet Monitoring Policy & Investigation Protocol
Dartmoor National Park Authority U 16 Internet Monitoring Policy & Investigation Protocol February 2010 This document is copyright to Dartmoor National Park Authority and should not be used or adapted
More informationData Protection Act 1998 The Data Protection Policy for the Borough Council of King's Lynn & West Norfolk
Data Protection Act 1998 The for the Borough Council of King's Lynn & West Norfolk 1 Contents Introduction 3 1. Statement of Intent 4 2. Fair Obtaining I Processing 5 3. Data Uses and Processes 6 4. Data
More informationE-Gap Terms and Conditions of Use
E-Gap Terms and Conditions of Use User Terms and Conditions The following paragraphs specify the basis on which you may use the e-gap System and provides information on how we will handle your data. This
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1
Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_D_19
Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility
More informationINFORMATION TECHNOLOGY SECURITY STANDARDS
INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL
More informationUNIVERSITY OF ST ANDREWS. EMAIL POLICY November 2005
UNIVERSITY OF ST ANDREWS EMAIL POLICY November 2005 I Introduction 1. Email is an important method of communication for University business, and carries the same weight as paper-based communications. The
More informationHow to Monitor Employee Web Browsing and Email Legally
WHITEPAPER: HOW TO MONITOR EMPLOYEE WEB BROWSING AND EMAIL LEGALLY How to Monitor Employee Web Browsing and Email Legally ABSTRACT The Internet and email are indispensable resources in today s business
More informationCaldwell Community College and Technical Institute
Caldwell Community College and Technical Institute Employee Computer Usage Policies and Procedures I. PURPOSE: The purpose of this section is to define the policies and procedures for using the administrative
More informationPolice Officers who Commit Domestic Violence-Related Criminal Offences 1
PUBLIC DOCUMENT Association of Chief Police Officers of England, Wales and Northern Ireland Police Officers who Commit Domestic Violence-Related Criminal Offences 1 This is an ACPO policy relating to police
More informationPolicy for Management of CCTV on Waste Operation Vehicles
Policy for Management of CCTV on Waste Operation Vehicles 1.0 POLICY 1.1 CCTV cameras are fitted to refuse vehicles for the purposes of Health and Safety of employees and members of the public, and for
More informationParliamentary Security Camera Policy
Parliamentary Security Camera Policy Introduction 1) Security cameras are employed in various parts of the Palace of Westminster and its surrounding estate. They are a vital part of the security system
More informationUSE OF INFORMATION TECHNOLOGY FACILITIES
POLICY CI-03 USE OF INFORMATION TECHNOLOGY FACILITIES Document Control Statement This Policy is maintained by the Information Technology Department. Any printed copy may not be up to date and you are advised
More informationROEHAMPTON UNIVERSITY DATA PROTECTION POLICY
ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:
More informationCCTV CODE OF PRACTICE
CCTV CODE OF PRACTICE Policy area: Operation of CCTV on University Premises Definitions CCTV means Closed Circuit Television. Control Room(s) means those Control Rooms manned by Security staff at the City,
More informationClosed Circuit Television (CCTV) code of practice. Based on the publication A Code of Practice for CCTV www.ico.gov.uk
Closed Circuit Television (CCTV) code of practice Based on the publication A Code of Practice for CCTV www.ico.gov.uk Owner: Ian Heywood Last reviewed: July 2011 Contents 1.0 Introduction... 4 2.0 CCTV
More informationINFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes
INFORMATION SECURITY POLICY Ratified by RCA Senate, February 2007 Contents Introduction 2 Policy Statement 3 Information Security at RCA 5 Annexes A. Applicable legislation and interpretation 8 B. Most
More informationDATA PROTECTION AND DATA STORAGE POLICY
DATA PROTECTION AND DATA STORAGE POLICY 1. Purpose and Scope 1.1 This Data Protection and Data Storage Policy (the Policy ) applies to all personal data collected and dealt with by Centre 404, whether
More informationDerbyshire Constabulary UNMANAGEABLE DEBT PROCEDURE POLICY REFERENCE 10/300. This procedure is suitable for Public Disclosure
Derbyshire Constabulary UNMANAGEABLE DEBT PROCEDURE POLICY REFERENCE 10/300 This procedure is suitable for Public Disclosure Owner of Doc: Head of Department, Professional Standards Date Approved: September
More informationCorporate ICT & Data Management. Data Protection Policy
90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control
More informationRules for the use of the IT facilities. Effective August 2015 Present
Rules for the use of the IT facilities Effective August 2015 Present INFORMATION MANAGEMENT GUIDE RULES FOR THE USE OF THE UNIVERSITY S IT FACILITIES ( The Rules ) 1. Introduction 2. Interpretation 3.
More informationDATA PROTECTION POLICY
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
More informationUse of Social Networking Websites Policy. Joint Management Trade Union Committee. ENDORSED BY: Consultative Committee DATE: 14 February 2013
Use of Social Networking Websites Policy START DATE: March, 2013 NEXT REVIEW: March 2015 COMMITTEE APPROVAL: Joint Management Trade Union Committee CHAIR S SIGNATURE: STAFF SIDE CHAIR S SIGNATURE: DATE:
More informationUNIVERSITY COLLEGE LONDON CCTV POLICY. Endorsed by the Security Working Group - 17 October 2012
UNIVERSITY COLLEGE LONDON CCTV POLICY Endorsed by the Security Working Group - 17 October 2012 Endorsed by the Infrastructure IT Services Strategy Group - 18 October 2012 Reviewed and endorsed (with one
More informationInformation Governance Policy
Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its
More informationTo return to the list of Contents, simply click on the line NOT PROTECTIVELY MARKED at the foot of each page.
This PDF file contains interactive links that help you to navigate the document quickly, and to enable you to gain immediate access to all websites listed. Clicking on any of the items in the main list
More informationDene Community School of Technology Staff Acceptable Use Policy
Policy Overview Dene Community School of Technology The school provides computers for use by staff as an important tool for teaching, learning, and administration of the school. Use of school computers,
More informationINFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK
INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationCouncil Policy. Records & Information Management
Council Policy Records & Information Management COUNCIL POLICY RECORDS AND INFORMATION MANAGEMENT Policy Number: GOV-13 Responsible Department(s): Information Systems Relevant Delegations: None Other Relevant
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationCOUNCIL TAX REDUCTION, DISCOUNT & EXEMPTION ANTI- FRAUD POLICY
COUNCIL TAX REDUCTION, DISCOUNT & EXEMPTION ANTI- FRAUD POLICY December 2014 1 Contents Section Page Council Tax Reduction, Discount & Exemption Anti-Fraud Policy 1 Introduction 3 2 Definition of Council
More informationINTERNET, E-MAIL USE AND
INTERNET, E-MAIL AND TELEPHONE USE AND MONITORING POLICY Originated by: Customer Services LJCC: 10 th April 2008 Full Council: June 2008 Implemented: June 2008 1.0 Introduction and Aim 1.1 The aim of this
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Approval date: June 2014 Approved by: Board Responsible Manager: Executive Director of Resources Next Review June 2016 Data Protection Policy 1. Introduction Data Protection Policy
More informationE-SAFETY POLICY 2014/15 Including:
E-SAFETY POLICY 2014/15 Including: Staff ICT policy (Corporation approved) Data protection policy (Corporation approved) Staff guidelines for Data protection Data Security, awareness raising Acceptable
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):
More informationPS 147 Attendance Management Policy
PS 147 Attendance Management Policy October 2012 Version 1.0 Statement of legislative compliance This document has been drafted to comply with the general and specific duties in the Equality Act 2010;
More informationMemorandum of understanding between the Gambling Commission ( the Commission ) and PhonepayPlus
Memorandum of understanding between the Gambling Commission ( the Commission ) and PhonepayPlus This memorandum provides a framework for cooperation between the Commission and PhonepayPlus ( the Parties
More informationBusiness Continuity Management Policy
Governance: Business Committee Policy Owner: Chief Superintendent, Corporate Services Department: Corporate Services Policy Number: 002 Version: 3.0 Policy Writer: Business Continuity Co-ordinator Effective
More informationElectronic Messaging Policy. 1. Document Status. Security Classification. Level 4 - PUBLIC. Version 1.0. Approval. Review By June 2012
Electronic Messaging Policy 1. Document Status Security Classification Level 4 - PUBLIC Version 1.0 Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Retention
More informationEmail Usage Policy Document Profile Box
Document Profile Box Document Category / Ref QSSD 660 Version: 0004 Ratified by: Governance and Risk Committee Date ratified: 12 th January 2012 Name of originator / author: Name of responsible committee
More informationInformation Governance Policy
Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact
More informationUlster University Standard Cover Sheet
Ulster University Standard Cover Sheet Document Title IT Monitoring Policy 1.5 Custodian Approving Committee Deputy Director of Finance and Information Services (Information Services) Information Services
More informationRecommendations. That the Cabinet approve the withdrawal of the existing policy and its replacement with the revised document.
Report to: Cabinet Date: 14 th October 2004. Report: of Head of Corporate Personnel Services Report Title: USE of INTERNET POLICY Summary of Report. The use of the Internet is growing rapidly. Over the
More informationNOT PROTECTIVELY MARKED FORCE PROCEDURES. Using the Off-Site Storage Facility for Physical Records - v03. Records Manager
FORCE PROCEDURES Using the Off-Site Storage Facility for Physical Records - v03 Procedure Reference Number: 2010.07 Procedure Author: Samantha Hampson Records Manager Procedure Review Date: February 2013
More informationCorporate Data Protection Policy
Corporate Data Protection Policy September 2010 Records Management Policy RMP-09 GOLDEN RULE When you think about Data Protection remember that we are all data subjects. Think about how appropriately and
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationDISCIPLINARY PROCEDURE
DISCIPLINARY PROCEDURE INTRODUCTION These procedures are compliant with the ACAS code of practice and are designed to help and encourage staff at Pilgrims Hospice to achieve and maintain required standards
More informationInformation Management and Security Policy
Unclassified Policy BG-Policy-03 Contents 1.0 BG Group Policy 3 2.0 Policy rationale 3 3.0 Applicability 3 4.0 Policy implementation 4 Document and version control Version Author Issue date Revision detail
More informationOffice of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers
Office of the Data Protection Commissioner of The Bahamas Data Protection (Privacy of Personal Information) Act, 2003 A Guide for Data Controllers 1 Acknowledgement Some of the information contained in
More informationWEST MIDLANDS POLICE Force Policy Document
WEST MIDLANDS POLICE Force Policy Document POLICY TITLE: POLICY REFERENCE NO: POLICE STAFF DISCIPLINARY PROCEDURE HR/06 Executive Summary The Force expects certain standards of conduct to be maintained
More informationData Protection Policy June 2014
Data Protection Policy June 2014 Approving authority: Consultation via: Court Audit and Risk Committee, University Executive, Secretary's Board, Information Governance and Security Group Approval date:
More informationInformation Technology and Communications Policy
Information Technology and Communications Policy No: FIN-IT-POL-001 Version: 03 Issue Date: 10.06.13 Review Date: 10.06.16 Author: Robert Cooper Monitor Changes Approved by: Board of Governors Version
More informationNorthamptonshire Police. Information Management Strategy
Northamptonshire Police Information Management Strategy If printed, copied or otherwise transferred from the Policies and Procedures Intranet/Internet Site this document must be considered to be an uncontrolled
More informationLINCOLNSHIRE POLICE Policy Document
LINCOLNSHIRE POLICE Policy Document 1. POLICY IDENTIFICATION PAGE POLICY TITLE: SOCIAL NETWORKING AND VIDEO SHARING WEBSITES POLICY REFERENCE NO: PD 174 POLICY OWNERSHIP: ACPO Commissioning Officer: Portfolio
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3
More informationInformation Services. Regulations for the Use of Information Technology (IT) Facilities at the University of Kent
Scope Information Services Regulations for the Use of Information Technology (IT) Facilities at the University of Kent 1. These regulations apply to The Law All students registered at the University, all
More informationDerbyshire Constabulary GUIDANCE ON THE SAFE USE OF THE INTERNET AND SOCIAL MEDIA BY POLICE OFFICERS AND POLICE STAFF POLICY REFERENCE 09/268
Derbyshire Constabulary GUIDANCE ON THE SAFE USE OF THE INTERNET AND SOCIAL MEDIA BY POLICE OFFICERS AND POLICE STAFF POLICY REFERENCE 09/268 This guidance is suitable for Public Disclosure Owner of Doc:
More informationData Protection Policy
Data Protection Policy Version: V1 Ratified by: Operational Management Executive Committee Date ratified: 26 September 2013 Name and Title of originator/author(s): Chris Brady, FOI, Data Protection and
More informationCORK INSTITUTE OF TECHNOLOGY
CORK INSTITUTE OF TECHNOLOGY DATA PROTECTION POLICY APPROVED BY GOVERNING BODY ON 30 APRIL 2009 INTRODUCTION Cork Institute of Technology is committed to a policy of protecting the rights and privacy of
More informationDate of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.
Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5
More informationCOLEG GWENT FURTHER EDUCATION CORPORATION. HUMAN RESOURCES & REMUNERATION COMMITTEE 2 nd November 2010
HR&R/Nov/10/22 COLEG GWENT FURTHER EDUCATION CORPORATION HUMAN RESOURCES & REMUNERATION COMMITTEE 2 nd November 2010 Report on Policies reviewed under the 2 year cycle: IT Security Policy Purpose of Report:
More informationEmail Policy and Code of Conduct
Email Policy and Code of Conduct UNIQUE REF NUMBER: CCG/IG/011/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY
More informationInternet Use Policy and Code of Conduct
Internet Use Policy and Code of Conduct UNIQUE REF NUMBER: AC/IG/023/V1.1 DOCUMENT STATUS: Agreed by Audit Committee 18 July 2013 DATE ISSUED: July 2013 DATE TO BE REVIEWED: July 2014 1 P age AMENDMENT
More information2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy
Version History Author Approved Committee Version Status date Eddie Jefferson 09/15/2009 Full Governing 1.0 Final Version Body Eddie Jefferson 18/08/2012 Full Governing Body 2.0 Emended due to the change
More informationSocial and Digital Media Policy
Social and Digital Media Policy October 2012 Version 1.0 Statement of legislative compliance This document has been drafted to comply with the general and specific duties in the Equality Act 2010; Data
More informationEXPLANATORY MEMORANDUM TO THE DATA RETENTION (EC DIRECTIVE) REGULATIONS 2007. 2007 No. 2199
EXPLANATORY MEMORANDUM TO THE DATA RETENTION (EC DIRECTIVE) REGULATIONS 2007 2007 No. 2199 1. This explanatory memorandum has been prepared by the Home Office and is laid before Parliament by Command of
More informationValdosta State University. Information Resources Acceptable Use Policy
Valdosta State University Information Resources Acceptable Use Policy Date: December 10, 2010 1. OVERVIEW... 3 2. SCOPE... 3 3. DESIGNATION OF REPRESENTATIVES... 3 3.1 UNIVERSITY PRESIDENT... 3 3.2 VICE
More informationAccess Control Policy
Version 3.0 This policy maybe updated at anytime (without notice) to ensure changes to the HSE s organisation structure and/or business practices are properly reflected in the policy. Please ensure you
More informationUniversity of Essex Automatic Number Plate Recognition (ANPR) Policy
& Standards for ANPR Operation at The University of Essex (Colchester Campus) Index 1. Introduction 1.1 System Description 1.2 Purpose of the System 1.3 Operating Principles 1.4 To Whom this Document Applies
More informationINFORMATION GOVERNANCE POLICY & FRAMEWORK
INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger
More informationOFFICIAL. NCC Records Management and Disposal Policy
NCC Records Management and Disposal Policy Issue No: V1.0 Reference: NCC/IG4 Date of Origin: 12/11/2013 Date of this Issue: 14/01/2014 1 P a g e DOCUMENT TITLE NCC Records Management and Disposal Policy
More informationCorporate Information Security Management Policy
Corporate Information Security Management Policy Signed: Chief Executive. 1. Definition of Information Security 1.1. Information security means safeguarding information from unauthorised access or modification
More informationICT Student Usage Policy
ICT Student Usage Policy Document status Document owner Vice Principal Finance and Resources Document author IT Manager Document type Policy Date of document January 2015 Version number 04 Review requirements
More informationData Protection Policy
Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and
More informationWest Lothian College. E-Mail and Computer Network Responsible Use Policy. September 2011
West Lothian College E-Mail and Computer Network Responsible Use Policy September 2011 Author: Steve Williams Date: September 2011 Agreed: Computer Network & Email Policy September 2011 E-Mail and Computer
More informationNetwork Security Policy
Network Security Policy I. PURPOSE Attacks and security incidents constitute a risk to the University's academic mission. The loss or corruption of data or unauthorized disclosure of information on campus
More informationLife Cycle of Records
Discard Create Inactive Life Cycle of Records Current Retain Use Semi-current Records Management Policy April 2014 Document title Records Management Policy April 2014 Document author and department Responsible
More informationDisclosable under FOIA 2000: Yes Author: T/CI Nick Barker Force / Organisation: BTP Date Created: May 2009 Telephone: 0207 830 8930
Security Classification: NOT PROTECTIVELY MARKED Disclosable under FOIA 2000: Yes Author: T/CI Nick Barker Force / Organisation: BTP Date Created: May 2009 Telephone: 0207 830 8930 Association of Chief
More informationPOLICIES AND REGULATIONS Policy #78
Peel District School Board POLICIES AND REGULATIONS Policy #78 DIGITAL CITIZENSHIP Digital Citizenship Digital citizenship is defined as the norms of responsible behaviour related to the appropriate use
More informationInformation Circular
Information Circular Enquiries to: Brooke Smith Senior Policy Officer IC number: 0177/14 Phone number: 9222 0268 Date: March 2014 Supersedes: File No: F-AA-23386 Subject: Practice Code for the Use of Personal
More informationData Protection Policy
Data Protection Policy Owner : Head of Information Management Document ID : ICT-PL-0099 Version : 2.0 Date : May 2015 We will on request produce this Policy, or particular parts of it, in other languages
More informationScottish Rowing Data Protection Policy
Revision Approved by the Board August 2010 1. Introduction As individuals, we want to know that personal information about ourselves is handled properly, and we and others have specific rights in this
More information